I can setup certificate distribution and wireless profiles in Intune for devices with user affinity and this works fine. The user account is synchronised with our on site AD server and NPS has an account to use for permissions. However for devices purely in azure without user affinity there's no account for NPS to use for permissions. I could create these manually but is there a way to do this using microsoft applications, either by authenticating against Azure or getting the accounts created in AD?
Thanks